本文選題：決策 + 協(xié)同　； 參考：《電子科技大學》2014年碩士論文

【摘要】：互聯(lián)網(wǎng)安全從互聯(lián)網(wǎng)的商業(yè)化開始就一直受到嚴重的威脅,目前國內(nèi)外通常采用安全評估系統(tǒng)來檢測系統(tǒng)的安全性。滲透測試則是最常見也是有效的檢測系統(tǒng)安全性的方法。本文從滲透測試和智能化決策角度出發(fā),設計并實現(xiàn)了基于協(xié)同決策的滲透測試系統(tǒng)。該系統(tǒng)可以有效的調(diào)度最佳的主機對目標系統(tǒng)進行自動化滲透測試。本文的主要工作內(nèi)容如下:1)針對國內(nèi)外的主要滲透測試技術(shù)和智能決策協(xié)同等進行了相應研究。2)針對滲透測試設計了決策協(xié)同模塊,并對任務的表述及切分、節(jié)點的選擇、節(jié)點通信與異常處理等核心技術(shù)進行了研究與實現(xiàn)。對多個節(jié)點共同執(zhí)行復雜任務進行了有效劃分,使得任務可以由多節(jié)點協(xié)同完成,提高了工作效率。3)對metasploit進行滲透測試進行了相關(guān)的研究,特別是nmap的核心功能以及nse腳本引擎。為自動化滲透測試提供了技術(shù)路徑。4)編寫bash shell腳本并利用metasploit提供的接口編寫腳本調(diào)用nmap、payloads、exploit等組件完成自動化滲透測試。5)針對協(xié)同決策的滲透測試進行了實際網(wǎng)絡的滲透測試與驗證。成功獲取了目標系統(tǒng)的sam數(shù)據(jù)庫內(nèi)容。結(jié)果表明:本文研究與實現(xiàn)的基于協(xié)同自主的滲透測試系統(tǒng)相對于傳統(tǒng)的滲透測試方式而言,具有更高的執(zhí)行效率和更低的成本(主要是人力、時間、知識學習等成本)等特點。
[Abstract]:Internet security has been seriously threatened by the commercialization of the Internet. At present, the security assessment system is usually used to detect the security of the system at home and abroad. Penetration testing is the most common and effective method for detecting system security. This paper, based on the penetration test and intelligent decision making, designs and implements the method. This system can effectively dispatch the best host to the automatic penetration test of the target system. The main contents of this paper are as follows: 1) according to the main osmosis testing technology at home and abroad and intelligent decision coordination, the corresponding.2 is studied.) the decision coordination module is designed for the penetration test. The key technologies such as the representation and segmentation of the task, the selection of nodes, the node communication and the exception handling are studied and implemented. The complex tasks of the nodes are effectively divided, and the tasks can be completed by multi nodes and improved the efficiency of.3). The related research is carried out on the penetration test of Metasploit. Not the core function of nmap and the NSE scripting engine. It provides a technical path for automated penetration testing.4) writing bash shell scripts and using the interface writing script provided by Metasploit to call nmap, payloads, exploit and other components to complete the automated penetration test.5) for the penetration test of collaborative decision making the penetration test of the actual network. The sam database content of the target system is successfully obtained. The results show that the research and implementation of the collaborative autonomous osmosis testing system is more efficient and lower cost (mainly human, time, knowledge learning and other costs) compared with the traditional osmosis testing.
【學位授予單位】：電子科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關(guān)期刊論文 前3條

1 劉承學;申斌;胡娜;;淺析可信計算技術(shù)及其發(fā)展[J];信息安全與技術(shù);2012年01期

2 吳旭;;計算機支持的協(xié)同工作系統(tǒng)技術(shù)探析[J];科技與企業(yè);2012年09期

3 郝高麟;;移動通信網(wǎng)絡干擾問題的分析與快除[J];數(shù)據(jù)通信;2010年04期

相關(guān)碩士學位論文 前1條

1 林釔霖;基于PKI的身份認證系統(tǒng)研究[D];重慶理工大學;2012年

，

本文編號：2049594